📦 FreeBSD
by FreeBSD
⚠️ Known Vulnerabilities
This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where concurrent destruction of anonymous shared memory mappings can cause premature freeing of kernel object...
This critical vulnerability in NFS implementations allows remote attackers to execute arbitrary code on affected systems without requiring authentication. It affects OpenBSD and FreeBSD systems runnin...
This vulnerability allows remote attackers to execute arbitrary code on FreeBSD systems by sending specially crafted 802.11 beacon frames with malicious Mesh ID data. The flaw occurs when a FreeBSD Wi...
A heap buffer overflow vulnerability in FreeBSD's libc stdio function __sflush() allows attackers to corrupt data or execute arbitrary code when write errors occur. This affects applications using std...
CVE-2023-3326 is an authentication bypass vulnerability in pam_krb5 where the module fails to properly validate Kerberos ticket-granting tickets from the KDC when no keytab is provisioned. This allows...
This is a critical buffer overflow vulnerability in FreeBSD's rtsold IPv6 router advertisement daemon. Attackers can exploit it by sending malicious DNSSL options to trigger remote code execution or d...
This vulnerability allows arbitrary write to kernel memory in FreeBSD's bhyve hypervisor due to insufficient validation in the ctl_report_supported_opcodes function. Malicious software in a guest VM c...
This CVE describes a use-after-free vulnerability in the ctl_write_buffer function that allows malicious software in a guest VM to achieve code execution on the host bhyve process, which typically run...
CVE-2024-7589 is a race condition vulnerability in OpenSSH's sshd on FreeBSD systems that allows unauthenticated remote attackers to potentially execute arbitrary code with root privileges. The vulner...
CVE-2024-6760 allows unprivileged users to trace setuid programs due to a kernel tracing logic bug, enabling them to inspect program behavior and potentially read sensitive files li...
CVE-2022-23090 is a use-after-free vulnerability in FreeBSD's asynchronous I/O implementation where the aio_aqueue function fails to release a credential reference in error cases. This allows attacker...
CVE-2022-23092 is a memory corruption vulnerability in lib9p's RWALK message handling that allows a malicious bhyve guest kernel to overwrite host memory. This could lead to arbitrary code execution w...
CVE-2022-23085 is an integer overflow vulnerability in FreeBSD's netmap subsystem that allows kernel memory corruption. A privileged process within a jail can exploit this to affect the host system wh...
CVE-2022-23087 is a memory corruption vulnerability in the e1000 network adapter emulation in bhyve hypervisor. A malicious guest VM can overwrite host memory, potentially leading to host code executi...
A vulnerability in FreeBSD's pf(4) packet filter incorrectly validates TCP sequence numbers, allowing attackers to execute denial-of-service attacks against hosts behind affected firewalls. This affec...
CVE-2023-5369 allows sandboxed processes with only read or write capabilities (but no seek capability) to bypass file position restrictions and read/write data at arbitrary location...
This CVE allows IPv6 packets with multiple fragment headers to bypass pf firewall rules by being incorrectly reassembled and processed. Systems using pf packet filtering with IPv6 fragment reassembly ...
A buffer overflow vulnerability in the fwctl driver of bhyve hypervisor allows malicious privileged software running in a guest VM to execute arbitrary code on the host system. The vulnerability affec...
This is a stack-based buffer overflow vulnerability in FreeBSD's ggatec daemon that allows remote code execution. Attackers in a privileged network position can send oversized responses to overwrite t...
This vulnerability in FreeBSD's bhyve hypervisor allows malicious virtual machine guests to cause memory corruption in the host's bhyve process. This can lead to process crashes or potentially arbitra...
This is a use-after-free vulnerability in FreeBSD's ICMPv6 network stack that allows attackers to potentially execute arbitrary code or cause denial of service. It affects FreeBSD systems with IPv6 en...
This vulnerability in FreeBSD kernels allows system calls to disable SMAP (Supervisor Mode Access Prevention) protections temporarily, creating a window where other kernel bugs could be exploited to g...
This vulnerability allows a superuser inside a FreeBSD jail with the non-default allow.mount permission to exploit a race condition between directory lookup and filesystem remounting, enabling access ...
A double-free vulnerability in FreeBSD's accept filter implementation allows attackers to potentially execute arbitrary code or cause denial of service. This affects FreeBSD systems with listening soc...